• Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint
Share this Page URL
Help

Chapter 23. Office 2003 Security Environ... > How Office Performs Certificate Revo...

How Office Performs Certificate Revocation

Microsoft Office uses some of the security settings set by Microsoft Internet Explorer when it attempts to authenticate certificates of trust prior to use, even if the certificate is already accepted and present on a user’s computer. Each time an Office application attempts to run an executable signed with an attached certificate, one of the following events occurs if the Check for publisher’s certificate revocation check box is checked in the Internet Explorer Advanced settings dialog: either the server maintained by the certificate authority who issued the certificate is checked for a revocation status, or a cached file downloaded from that same certificate authority is examined (dependent on the update cycle of revocation information by the certificate authority). The only exception to this behavior is with a Microsoft ActiveX control that was already installed if the certificate of trust associated with the control was already accepted and is present in the Trusted Publishers Store.

The Check for publisher’s certificate revocation setting of Microsoft Internet Explorer is set to enabled by default during a non-customized installation of Internet Explorer. (In previous versions, certificate revocation was set to install in a disabled state.) Because Office inherits this setting from Internet Explorer, Office will automatically check for certificate revocation when installed. Administrators can turn off certificate revocation, but it is recommended that they keep this feature enabled.


PREVIEW

                                                                          

Not a subscriber?

Start A Free Trial


  
  • Creative Edge
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint